Improper SSL certificate issuing by CAs

ssladmin...@portugalmail.pt
Apr 1, 2010, 3:35:28 AM
to dev-tec...@lists.mozilla.org
Kurt Seifried here:

So I picked a webmail provider at random (sorry portugalmail.pt!) and
filled in the account form, taking ssladministrator as the email name.
Using this I was then able to buy a secure web certificate for
portugalmail.pt since the verification process is so weak. Here are
the five emails I received from RapidSSL; the only things I have
removed are my phone number and the last four digits of the credit
card. As you can see, the process isn't that hard.

With respect to Firefox: what does it take, evidence-wise, to prove a
CA is doing a bad job? Is this enough, or do you need more (does this
have to happen 10 times or more)?

================================================================================
ORDER ACKNOWLEDGEMENT

Order Reference Number: 6495457

Thank you for your SSL Certificate order. This email is an
acknowledgement that you have placed an order. This email also
contains important information on how to complete your order and
receive your certificate.

What you need to do to complete the purchase process
-----------------------------------------------------

The next step in the process is the domain approval which must be
completed before the certificate can be issued:

Approver Email
---------------
We will send an Approver email to the designated APPROVER email
address. You would have selected the Approver email address during
enrollment; this would be either:

- The email address associated with your WHOIS contact (if you are
unsure you can check this address by searching the WHOIS database at
www.nic.com)
- A generic email address such as ad...@yourdomain.com,
webm...@yourdomain.com, ro...@yourdomain.com, etc.

Having trouble completing the process? Read further.
------------------------------------------------------

Unless the Approver receives this email and approves the application
by clicking on the link within the email, YOUR CERTIFICATE CANNOT BE
ISSUED. If you own the Approver email address please check any spam
filters and virus protection folders in case the email has been
quarantined.

Looking for more information?
------------------------------

If you have any questions regarding the issuance of your certificate
or to chat with support, please visit our Support page:
http://www.rapidssl.com/support

Thank you,

RapidSSL Customer Support

----------------------------------
Single root RapidSSL - Issued in
minutes, installed in seconds

Pay-As-You-Go resellers wanted:
the best profits & zero overhead
----------------------------------
================================================================================
ORDER TELEPHONE AUTHENTICATION

Order Reference Number: 6495457

NOTE: If you successfully completed the Telephone Authentication
during the application process, you may ignore this email. This email
is only needed if you did NOT complete the Telephone Authentication,
or you encountered any issues during the Telephone Authentication.

If you have not yet completed the Telephone Authentication, please
follow the below link and follow the on screen instructions:


https://products.geotrust.com/orders/enrollment/PhoneAuth.do?pin=PAYSUB1nazBUzaMrYehQZ

We allow only a limited number of attempts at completing the Telephone
Authentication. If you exceed the number of allowed attempts we will
need to conduct manual telephone authentication.

Having trouble completing the process? Read further.
-----------------------------------------------------

To avoid delays in issuing your certificate, please contact support
immediately on US: 866-795-4669 or Europe: +44 203 0240906 and we will
conduct the Telephone Authentication process manually.

Please note that if you do NOT complete the telephone authentication
within 5 days we will have no choice but to cancel the order. If you
experience any problems completing the phone authentication please
contact us immediately.

When you have successfully completed the Telephone Authentication, we
will send an Approver email to the designated APPROVER email address.
Please refer to the Order Acknowledgement email for further details.

Looking for more information?
-----------------------------

If you have any questions regarding the issuance of your certificate
or to chat with support, please visit our Support page:
http://www.rapidssl.com/support

Thank you,

RapidSSL Customer Support

================================================================================
ORDER APPROVAL

Dear Domain Administrator,

You are receiving this email because you are the Domain Administrator
for portugalmail.pt and the person identified below has requested a
RapidSSL certificate for:
https://portugalmail.pt

Applicant information:
Name: Marko Polo
E-mail: ssladmin...@portugalmail.pt
Phone: [REMOVED]

Marko Polo requests that you come to the URL below to review and
approve this certificate request:

https://products.geotrust.com/orders/Approval.do?pin=AvaHdOjRNsi82eep4eijN

Please follow the above link and click either the I APPROVE or I DO
NOT APPROVE button.

When you click I APPROVE the certificate will be issued and emailed to
the Applicant, Approver and Technical contact.

If you click I DO NOT APPROVE the certificate application will be cancelled.

Having trouble completing the process? Read further.
-----------------------------------------------------

If you have problems accessing the URL above, please copy and paste
the full URL in your browser.

Looking for more information?
------------------------------

If you have any questions regarding the certificate or to chat with
support, please visit our Support page: http://www.rapidssl.com/support

Thank you,

RapidSSL Customer Support

================================================================================
ORDER COMPLETE

Congratulations! Your RapidSSL Certificate has been issued and is
pasted at the bottom of this email.

What you need to do to complete the purchase process
-----------------------------------------------------

You will need to copy the certificate out of the email and follow the
certificate installation instructions for your web servers:

http://www.rapidssl.com/resources/install/index.html

When you have installed your certificate we strongly recommend that
you back up your certificate. The installation instructions contain
directions on how to back up.

Having trouble completing the process? Read further.
-----------------------------------------------------

If you have lost your private key for your certificate, you can
reissue your certificate by following the instructions below.

Self-Service Reissuance
------------------------

If you did not choose to purchase Reissue Insurance during enrollment
you may purchase it at any stage by visiting the below URL. If you
have Reissue Insurance you will qualify for free reissues during the
lifetime of the certificate.

https://products.geotrust.com/geocenter/reissuance/reissue.do

Looking for more information?
-----------------------------

If you have any questions regarding the installation of your
certificate or to chat with support, please visit our Support page:
http://www.rapidssl.com/support

Thank you,

RapidSSL Customer Support

Your RapidSSL certificate:

-----BEGIN CERTIFICATE-----
MIID3zCCA0igAwIBAgIDD2pSMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTAwMjE4MDE1MjAzWhcNMTEwMjIwMDc1ODUy
WjCB5TEpMCcGA1UEBRMgYjBpb1VTenZySEtXT1ZXdTd5ZWl2TFI2MzBpck5RNTMx
CzAJBgNVBAYTAlBUMRgwFgYDVQQKEw9wb3J0dWdhbG1haWwucHQxEzARBgNVBAsT
CkdUMzE4NDk1MjAxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291
cmNlcy9jcHMgKGMpMTAxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRl
ZCAtIFJhcGlkU1NMKFIpMRgwFgYDVQQDEw9wb3J0dWdhbG1haWwucHQwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4wGvzXZ6kO/dDCPgZhsIgj8tG6mQJ
1IdUHpzhxPv8Gv9rWpyd2RmDCsgt6Vwep/TslvNmh4L43IOi8QqGXbclMW/ZavrS
HUOc8oV67hDZ2tSIufXQ63lA7Y/Uuuwv91R2NONueuGjUdCOi3z6xK9N9jtBLho7
H5TK2Mve7E6vJvKq/PMonzeeO5gV66jFQaV43yAR+WyoJ6++JKCk1brbsS4C4PEp
lL6cZgD7s8dKWqz7CtObyyhmnIyVcfHZmdoA70R/y+mYanli89JxlPQLZXi+ZpUz
uPADWvrw+cQ2GifHxxy9VtptH7R8pleSkKTRzpNxM9weSJT336R3cJSJAgMBAAGj
ga4wgaswDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBScOSK/K5m8PG4l01l5x2Yp
6uHJMzA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9j
cmxzL3NlY3VyZWNhLmNybDAfBgNVHSMEGDAWgBRI5mj5K9KylddH2CMgEE8zmJCf
1DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQAD
gYEAoip0DyqJ7vrK00+0F7XLAWEdc/fRtJRuu0AZokdTS3oSC2XyOjwdMoNRi+SX
ZSHBg6f+Qxg7BJBEoj9bFbvNqflil8cAKQfYue6a5TYwImJ7x4UVHRYS+CrWAiSJ
43PVwhkZ6L+Yd09JBCfX4e0/6HPi09EI6Gs5XPtU2dzvpkQ=
-----END CERTIFICATE-----

Refund Policy
-----------------------------------------------------
If the certificate does not work as intended and you need a
replacement or a refund, RapidSSL.com will cancel, reissue or refund
fees following issuance or renewal of a certificate upon request by
the Subscriber within seven (7) days of issue date. To request a
cancellation, refund or a reissue, a Subscriber should email the
request to sup...@rapidssl.com.

##########

Join the RapidSSL.com Reseller Program - the best value Pay As You Go
SSL certificate reseller program available! Gain instant discounts and
immediate issuance.

http://www.rapidssl.com/reseller.html

##########
================================================================================
INVOICE

RapidSSL.com US
487 East Middlefield Road
Mountain View
CA 94043, USA


Product Information:
-----------------------------------------------------
Product: RapidSSL
Order Id: 6495457
Domain secured: portugalmail.pt
Validity period: 12 months
Server Licenses: 1 server(s)


Purchase Information:
-----------------------------------------------------
Credit Card payment: ************[REMOVED]
Amount Charged: 79.00 USD


Please print this email as a receipt of your purchase. We hope you
will tell others about your positive experience with our company.

Looking for more information?
-----------------------------

If you have any questions regarding the issuance of your certificate
or to chat with support, please visit our Support page:
http://www.rapidssl.com/support

Thank you,

RapidSSL Customer Support

================================================================================

________________________________________________________________________________
Portugalmail - The email the Portuguese prefer!
http://www.portugalmail.pt
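What a relying party actually receives from this order can be checked directly from the certificate pasted in the ORDER COMPLETE mail. The DER walker below is an added example, not code from the original post or from RapidSSL; it embeds the PEM above verbatim, decodes structure only (it does not verify the signature or the chain, which needs RSA and the Equifax root), and pulls out the fields that matter for this thread: the issuer, the "Domain Control Validated" marker that lives only in a free-text OU, the validity window (which shows issuance on 18 February 2010, weeks before this post), and the fact that the only host name bound is the CN, since the certificate carries no subjectAltName extension. OID-to-name mapping is limited to the attributes and extensions this certificate uses.

```python
import base64
import re

# The certificate from the ORDER COMPLETE mail above, copied verbatim.
PEM = """-----BEGIN CERTIFICATE-----
MIID3zCCA0igAwIBAgIDD2pSMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTAwMjE4MDE1MjAzWhcNMTEwMjIwMDc1ODUy
WjCB5TEpMCcGA1UEBRMgYjBpb1VTenZySEtXT1ZXdTd5ZWl2TFI2MzBpck5RNTMx
CzAJBgNVBAYTAlBUMRgwFgYDVQQKEw9wb3J0dWdhbG1haWwucHQxEzARBgNVBAsT
CkdUMzE4NDk1MjAxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291
cmNlcy9jcHMgKGMpMTAxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRl
ZCAtIFJhcGlkU1NMKFIpMRgwFgYDVQQDEw9wb3J0dWdhbG1haWwucHQwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4wGvzXZ6kO/dDCPgZhsIgj8tG6mQJ
1IdUHpzhxPv8Gv9rWpyd2RmDCsgt6Vwep/TslvNmh4L43IOi8QqGXbclMW/ZavrS
HUOc8oV67hDZ2tSIufXQ63lA7Y/Uuuwv91R2NONueuGjUdCOi3z6xK9N9jtBLho7
H5TK2Mve7E6vJvKq/PMonzeeO5gV66jFQaV43yAR+WyoJ6++JKCk1brbsS4C4PEp
lL6cZgD7s8dKWqz7CtObyyhmnIyVcfHZmdoA70R/y+mYanli89JxlPQLZXi+ZpUz
uPADWvrw+cQ2GifHxxy9VtptH7R8pleSkKTRzpNxM9weSJT336R3cJSJAgMBAAGj
ga4wgaswDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBScOSK/K5m8PG4l01l5x2Yp
6uHJMzA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9j
cmxzL3NlY3VyZWNhLmNybDAfBgNVHSMEGDAWgBRI5mj5K9KylddH2CMgEE8zmJCf
1DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQAD
gYEAoip0DyqJ7vrK00+0F7XLAWEdc/fRtJRuu0AZokdTS3oSC2XyOjwdMoNRi+SX
ZSHBg6f+Qxg7BJBEoj9bFbvNqflil8cAKQfYue6a5TYwImJ7x4UVHRYS+CrWAiSJ
43PVwhkZ6L+Yd09JBCfX4e0/6HPi09EI6Gs5XPtU2dzvpkQ=
-----END CERTIFICATE-----"""

OID_NAMES = {"2.5.4.3": "CN", "2.5.4.5": "serialNumber", "2.5.4.6": "C", "2.5.4.10": "O",
             "2.5.4.11": "OU", "2.5.29.14": "subjectKeyIdentifier", "2.5.29.15": "keyUsage",
             "2.5.29.17": "subjectAltName", "2.5.29.31": "cRLDistributionPoints",
             "2.5.29.35": "authorityKeyIdentifier", "2.5.29.37": "extKeyUsage",
             "1.2.840.113549.1.1.5": "sha1WithRSAEncryption"}

def pem_to_der(pem):
    return base64.b64decode("".join(re.sub(r"-----[A-Z ]+-----", "", pem).split()))

def read_tlv(buf, pos=0):
    """Decode one DER TLV (single-byte tags only); return (tag, value, offset after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                         # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """(tag, value) pairs of the TLVs directly inside a constructed value."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def decode_oid(value):
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:                       # base-128 arcs, high bit set on all but the last byte
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def decode_name(value):
    """X.501 Name = SEQUENCE OF SET OF SEQUENCE {OID, value}; returns [(attr, text), ...]."""
    out = []
    for _, rdn in children(value):
        for _, atv in children(rdn):
            (_, oid), (_, val) = children(atv)
            out.append((OID_NAMES.get(decode_oid(oid), decode_oid(oid)), val.decode("utf-8")))
    return out

def parse_certificate(der):
    _, cert, _ = read_tlv(der)
    (_, tbs), (_, sig_alg), _ = children(cert)   # signatureValue is not checked here
    fields = children(tbs)
    version = 1
    if fields[0][0] == 0xA0:                  # [0] EXPLICIT version; INTEGER 2 means v3
        version, fields = children(fields[0][1])[0][1][0] + 1, fields[1:]
    serial, _, issuer, validity, subject, _ = fields[:6]
    not_before, not_after = (v.decode() for _, v in children(validity[1]))
    extensions = {}
    for tag, val in fields[6:]:
        if tag != 0xA3:                       # [3] EXPLICIT Extensions; [1]/[2] unique IDs skipped
            continue
        for _, ext in children(children(val)[0][1]):
            parts = children(ext)             # OID, optional BOOLEAN critical, OCTET STRING
            oid = decode_oid(parts[0][1])
            critical = len(parts) == 3 and parts[1][1] == b"\xff"
            extensions[OID_NAMES.get(oid, oid)] = (critical, parts[-1][1])
    alg = decode_oid(children(sig_alg)[0][1])
    return {"version": version, "serial": int.from_bytes(serial[1], "big"),
            "signature_algorithm": OID_NAMES.get(alg, alg), "issuer": decode_name(issuer[1]),
            "subject": decode_name(subject[1]), "not_before": not_before,
            "not_after": not_after, "extensions": extensions}

def names_covered(cert):
    """Host names a client will match: SAN dNSName entries, or the CN when there is no SAN."""
    san = cert["extensions"].get("subjectAltName")
    if san is None:
        return [v for k, v in cert["subject"] if k == "CN"]
    return [v.decode() for t, v in children(children(san[1])[0][1]) if t == 0x82]  # dNSName [2]

def is_domain_validated(cert):
    """The only DV marker this cert carries is a free-text OU, which no client checks."""
    return any(k == "OU" and "Domain Control Validated" in v for k, v in cert["subject"])
```

On the mail's certificate this yields issuer C=US, O=Equifax, OU=Equifax Secure Certificate Authority, serial 0x0F6A52, sha1WithRSAEncryption, validity 100218015203Z to 110220075852Z, and a subject whose CN and O are both portugalmail.pt next to the OU "Domain Control Validated - RapidSSL(R)". Nothing in the certificate records which mailbox approved it, so the ssladministrator@ trick leaves no trace a relying party could act on; that is why the thread turns to CA policy and revocation rather than to anything a client could check.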

Reed Loden
Apr 1, 2010, 4:15:45 AM
to mozilla's crypto code discussion list, ssladmin...@portugalmail.pt
On Thu, 01 Apr 2010 08:35:28 +0100
ssladmin...@portugalmail.pt wrote:

> Kurt Seifried here:
>
> So I picked a webmail provider at random (sorry portugalmail.pt!) and
> filled in the account form, taking ssladministrator as the email name.
> Using this I was then able to buy a secure web certificate for
> portugalmail.pt since the verification process is so weak. Here are
> the five emails I received from RapidSSL; the only things I have
> removed are my phone number and the last four digits of the credit
> card. As you can see, the process isn't that hard.

I filed this as https://bugzilla.mozilla.org/show_bug.cgi?id=556468 for
(any) investigation tracking.

~reed

--
Reed Loden - <re...@reedloden.com>

Eddy Nigg (StartCom Ltd.)
Apr 1, 2010, 5:20:46 AM
to ssladmin...@portugalmail.pt, dev-tec...@lists.mozilla.org
Hi Kurt,

Terrific! What's your next step now? Where do you intend to publish it?

PS. I know a real person whose name is Marco Polo ;-)

Regards

Signer: Eddy Nigg, COO/CTO, StartCom Ltd.
XMPP: star...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg

On 04/01/2010 10:35 AM, ssladmin...@portugalmail.pt:
> Kurt Seifried here:
>
> So I picked a webmail provider at random (sorry portugalmail.pt!) and
> filled in the account form, taking ssladministrator as the email name.
> Using this I was then able to buy a secure web certificate for
> portugalmail.pt since the verification process is so weak. Here are
> the five emails I received from RapidSSL; the only things I have
> removed are my phone number and the last four digits of the credit
> card. As you can see, the process isn't that hard.

Eddy Nigg
Apr 1, 2010, 5:33:54 AM
On 04/01/2010 10:35 AM, ssladmin...@portugalmail.pt:
> Kurt Seifried here:
>
> So I picked a webmail provider at random (sorry portugalmail.pt!) and
> filled in the account form, taking ssladministrator as the email name.
> Using this I was then able to buy a secure web certificate for
> portugalmail.pt since the verification process is so weak. Here are
> the five emails I received from RapidSSL; the only things I have
> removed are my phone number and the last four digits of the credit
> card. As you can see, the process isn't that hard.

Is this another 1st of April joke? At least your timing is a bit
questionable ;-)

--
Regards

Signer: Eddy Nigg, StartCom Ltd.
XMPP: star...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg

Eddy Nigg
Apr 1, 2010, 6:37:04 AM
> On 04/01/2010 10:35 AM, ssladmin...@portugalmail.pt:
>> Kurt Seifried here:
>>
>> So I picked a webmail provider at random (sorry portugalmail.pt!) and
>> filled in the account form, taking ssladministrator as the email
>> name. Using this I was then able to buy a secure web certificate for
>> portugalmail.pt since the verification process is so weak. Here are
>> the five emails I received from RapidSSL; the only things I have
>> removed are my phone number and the last four digits of the credit
>> card. As you can see, the process isn't that hard.
>
> Is this another 1st of April joke? At least your timing is a bit
> questionable ;-)
>

Oh, and this fantastic news lines up nicely with your other thread "how
to report stolen/compromised certificate?" at
the mozilla.dev.security.policy mailing list. The irony is that you can
request to have your certificate revoked, but the owner of the domain
portugalmail.pt cannot.

I suggest adding another item to the Mozilla CA Policies stating that:

A) CAs are required to accept revocation requests by third parties and
investigate any request
B) CAs are required to revoke certificates upon key compromise and
wrongful issuance

Kurt Seifried
Apr 1, 2010, 6:42:06 AM
to mozilla's crypto code discussion list
> Is this another 1st of April joke? At least your timing is a bit
> questionable ;-)

No, this is not an April Fools' joke. The PDF at Linux Magazine is what
will be in the print copy (due out in 3 weeks, I believe). The reality
is you can trivially buy SSL certificates for websites you don't
control; the easiest way is to google for a free webmail provider,
register an account like ssladmin or ssladministrator, spend $79, and
in 20-30 minutes you'll have a certificate. I sent the emails I
received from RapidSSL at the account to provide proof/confirmation, as
I am unwilling to do something rude (and possibly illegal) like sending
out the private key publicly.

The reality is anyone can verify this: you simply need to google a
webmail provider and spend $79.

> --
> Regards
>
> Signer:  Eddy Nigg, StartCom Ltd.

-Kurt

Eddy Nigg
Apr 1, 2010, 7:03:47 AM
On 04/01/2010 01:42 PM, Kurt Seifried:

>> Is this another 1st of April joke? At least your timing is a bit
>> questionable ;-)
>>
> No this is not an April fools joke. The PDF at Linux Magazine is what
> will be in the print copy (due out in 3 weeks I believe). The reality
> is you can trivially buy SSL certificates for websites you don't
> control, easiest way is google for a free webmail provider, register
> an account like ssladmin or ssladministrator and spend $79 and in
> 20-30 minutes you'll have a certificate.
>

Well, Verisign was supposed to disable those email addresses. We've
discussed this issue to death already and Verisign committed to it.
Apparently they haven't done so, despite their commitment.

--
Regards

Signer: Eddy Nigg, StartCom Ltd.
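Kurt's recipe (register ssladmin or ssladministrator at a free webmail provider, then order) and Eddy's remark that Verisign was to disable those addresses both come down to one control: the approver mailbox must match a closed list exactly, and the mail provider must keep that same list out of self-service signup. The code below is an added example, not the thread's or any CA's code. The allowlist is an assumption for illustration, since the RapidSSL mail above truncates the CA's own list ("ad...@", "webm...@", "ro...@"); the same five names are the ones the CA/Browser Forum Baseline Requirements later fixed for this method. Public-suffix handling (a parent such as co.uk) is deliberately left out.

```python
import re

# ASSUMPTION: an illustrative allowlist of local-parts taken to imply administrative control
# of a domain. The RapidSSL mail above truncates the CA's own list ("ad...@", "webm...@",
# "ro...@"), so this is not that CA's actual policy.
ADMIN_LOCAL_PARTS = frozenset({"admin", "administrator", "webmaster", "hostmaster", "postmaster"})

_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def normalize_domain(name):
    """Lower-case, drop a trailing dot, and require LDH labels; return None if malformed."""
    labels = name.strip().lower().rstrip(".").split(".")
    return ".".join(labels) if all(_LABEL.match(label) for label in labels) else None


def approver_allowed(requested_name, approver_address, allowlist=ADMIN_LOCAL_PARTS):
    """CA side: may the approval link for `requested_name` be mailed to `approver_address`?

    Returns (decision, reason). Two rules do the work: the local-part must equal an
    allowlisted name (so 'ssladministrator' is not 'administrator' and 'admin+tag' is not
    'admin'), and the address's domain must be the requested name itself or a parent of it
    with at least two labels. Public-suffix handling (e.g. 'co.uk') is out of scope here.
    """
    if approver_address.count("@") != 1 or any(c.isspace() for c in approver_address):
        return False, "malformed address"
    local, domain = approver_address.rsplit("@", 1)
    fqdn, domain = normalize_domain(requested_name), normalize_domain(domain)
    if fqdn is None or domain is None:
        return False, "malformed domain name"
    if "." not in domain:
        return False, "approver domain is a bare top-level domain"
    if fqdn != domain and not fqdn.endswith("." + domain):
        return False, "approver domain does not cover the requested name"
    if local.lower() not in allowlist:
        return False, "local-part %r is not an administrative mailbox" % local
    return True, "ok"


def signup_allowed(local_part, allowlist=ADMIN_LOCAL_PARTS):
    """Mail-provider side: refuse self-service registration of any mailbox a CA would honour,
    including dotted and plus-tagged spellings that many mail systems fold onto one box."""
    base = local_part.lower().split("+", 1)[0].replace(".", "")
    return base not in allowlist
```

With these two checks in place the account Kurt registered is rejected on the CA side (ssladministrator is not on the list, and substring or prefix matching is never attempted), while a provider that applies signup_allowed can no longer hand out admin@, webmaster@ and the rest to whoever asks first. Note that the two lists have to agree: a CA that honours a name the provider does not reserve, or a provider that reserves only some of what CAs honour, leaves the same hole this thread describes.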

Michael Ströder
Apr 1, 2010, 7:40:35 AM

You could also spend ~5000 EUR and have your own corporate sub-CA issuing
certs for whatever DNS name you want.

Ciao, Michael.

Eddy Nigg
Apr 1, 2010, 8:12:46 AM
On 04/01/2010 02:40 PM, Michael Ströder:

> You could also spend ~5000 EUR and have your own corporate sub-CA issuing
> certs for whatever DNS name you want.
>

Which doesn't imply that no domain control validation is performed.

--
Regards

Signer: Eddy Nigg, StartCom Ltd.

Michael Ströder
Apr 1, 2010, 11:29:47 AM
Eddy Nigg wrote:
> On 04/01/2010 02:40 PM, Michael Ströder:
>> You could also spend ~5000 EUR and have your own corporate sub-CA issuing
>> certs for whatever DNS name you want.
>
> Which doesn't imply that no domain control validation is performed.

Of course everything is covered by contracts. But there isn't any domain
control validation in the particular case I know of.

An organization I know has such a sub-CA cert signed by a pre-installed
trusted root CA. Domain control validation is practically impossible for the
superior CA since this organization has tens of thousands domains registered.
I know that this organization does not do anything bad so I won't mention the
root CA here.

But personally I take this as evidence that if you spend this fairly low
amount of money you can issue arbitrary certs without the superior CA
noticing it. IMO this could not even be discovered by audits if someone
wanted to hide bad activity.

Ciao, Michael.

Mountie Lee
Apr 1, 2010, 9:26:17 PM
to mozilla's crypto code discussion list
For your information:
Verisign's OnSite service allows a sub-CA for corporates.
The corporate operator is able to request issuance of an SSL certificate for their server from the VERISIGN ROOT CA,
and the Verisign root CA automatically issues the certificate at the request of the company.

I think this is one of the pieces of evidence.

Regards,
Mountie

--
Mountie Lee

Tel : +82 2 2140 2700
E-Mail : mou...@paygate.net
Twitter : mountielee
=======================================
PayGate Inc.
* WEB STANDARD PAYMENT
* PCI DSS 100% COMPLIANT
* www.paygate.net 
* pay...@paygate.net

Jean-Marc Desperrier
Apr 2, 2010, 9:27:53 AM
Kurt Seifried wrote:
>> Is this another 1st of April joke? At least your timing is a bit
>> questionable ;-)
> No this is not an April fools joke. The PDF at Linux Magazine is what
> will be in the print copy (due out in 3 weeks I believe)

Kurt, the best group for sending this and also to continue the
discussion would be mozilla.dev.security.policy

From a cryptographic point of view, nothing was broken. It's the policy
that's bad.
